-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Todd Zullinger wrote: > Robert L Cochran wrote: >> Is there anyone out there willing to sign my GPG public key? > > Without a face to face meeting and exchanging of the gpg key info > (size, type, fingerprint, etc.) and some form of picture ID? I would > hope no one would be willing. If there are, you don't want their > signatures anyway. ;-) > >> It is on subkeys.pgp.net under this email address -- >> cochranb@xxxxxxxxxxxxxx >> >> If you will sign my key, I will sign yours. That is what's in it for >> you. >> >> If you are interested, email me offlist and perhaps we can organize >> a signing party where we start with one person and go round to the >> last, turn by turn. > > Have you checked out biglumber.com? That's a handy place to add your > key and geographic location and find others nearby that are interested > in meeting for exchanging signatures. If it wasn't around a 2 hour > drive to Greenbelt MD, I'd consider it. :) > > Searching biglumber, there are at least 28 individuals or groups in > Maryland that are interested in exchanging signatures: > > https://biglumber.com/x/web?ss=MD > > Another place to start is with local LUGs. There are often folks > there that use PGP and are willing to exchange signatures. > > HTH, > > Thanks Todd. This really is useful to me. I'm waiting now for biglumber.com to actually send me the promised login token based on my GPG key, so I can make myself the 29th Maryland person interested in a keysigning. I have a feeling their email server is in trouble. Or is just so painfully slow that it needs hours. I've also checked for people who might be interested in meeting me, there are at least a few within driving distance for me. I'll probably check to see if the Baltimore, Maryland LUG really will have a keysigning party. The one advantage to driving all the way out there for such a meeting is I might meet some new folks and make a friend or two. Since I also belong to the Thawte "Web of Trust" and have enough "Trust Points" accumulated to authenticate other people, I'm well aware based on numerous personal meetings with others (whom I asked to authenticate me, and later on, people who asked me to authenticate them) that these authentication type and/or keysigning meetings are basically meaningless in terms of really knowing the person who is signing your key or authenticating your application. It's like a puff of air. It's a formality only. One that cost me a lot of gas and with no payment forthcoming. One guy did take the time to talk to me at a Starbucks, but I never met him or heard from him again. Such is business. With Thawte, payment of a sufficient fee and the signature of just one banker or lawyer can get you enough Trust Points to authenticate anyone. It doesn't matter if the lawyer or banker recently served a jail term. - From a keysigning perspective, really a face-to-face meeting has no more value from an authentication or know-the-other-party perspective than the act of walking past someone in a grocery store. It's not as if you are going to do business with the person whose key you just signed until the day you die. Email is often a better and more efficient use of time and resources. Bob -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFHlm8z6lKCpcLGBRgRArf7AJ9IFcORFP4F/z7CPstO0IRh4NrOYQCgo0EG 63Ff/7KqyvZhTYKhnmAVtog= =0T8r -----END PGP SIGNATURE-----
